Android Ransomware Affects Less than 0.0001% of Official Installations :Google

Getting infected with Android ransomware is unlikely, Google says. In fact, you’re more likely to get hit by lightning twice than to get infected.

Of course, that may not seem like it’s the case with all the infected apps that get reported after managing to make their way into the Play Store, but it seems to be the actual truth.

“Since 2015, less than 0.00001 percent of installations from Google Play, and less than .01 percent of installations from sources other than Google Play, were categorized as ransomware,” reads the report signed by Jason Woloz, senior program manager with the Android security team.

As you know, ransomware is a type of app that restricts people’s access to the device until victims pay a sum of money, most often than not in Bitcoin. They’re usually present in apps that restrict device access and demand payment, or apps that encrypt data on the external storage of the device and demands payment to decrypt it all. As Woloz points out, criminals often pose as law enforcement and accuse users of doing something illegal, so they’re more likely to pay.

The Android security chief also hgihlights that Google has been doing a lot to protect users. On top of the Verify Apps feature which analyzes apps before they are installed, Google also deploys Application Sandboxing, which is a technology that forces apps to operate independently of others. Basically, sandboxes require apps to mutually consent to sharing data, which limits ransomware’s ability to access sensitive information.

Android 7.0 Nougat comes with some extra defenses against ransomware, Woloz says. For instance, apps can no longer see which other apps are active, which means that if an app infected with ransomware flies under Google’s radar and you install it, it can’t see what other apps are doing.

Additionally, if you set a lockscreen PIN prior to installing ransomware, the infected app can’t misuse your device’s permissions to change your PIN to lock you out, effectively canceling the effects one of the major categories of ransomware apps.

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]

Related

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]